Canonical, the company behind Ubuntu Linux, confirmed today that its websites and services are under a 'sustained, cross-border' cyber attack, taking the Snap Store, Launchpad, and the main Ubuntu website offline.
According to an official statement, the attack began around 6 PM UK time on 30 April and continues as of press time. The company says it is 'working to address the situation' and will provide further details shortly.
'We are actively mitigating this aggressive DDoS assault,' said a Canonical spokesperson. 'Our teams are working around the clock to restore full service, but we advise users to rely on mirrored infrastructure for package updates.'
Scope of the Outage
While the official Ubuntu website (ubuntu.com), the Snap Store (snapcraft.io), and the development platform Launchpad are inaccessible, critical infrastructure remains operational. The Ubuntu APT repositories are distributed across multiple geographic locations and servers, meaning most users can still install and update packages.
The main archive (archive.ubuntu.com) is offline at the time of writing, but mirrors worldwide continue to serve downloads. ISO images for the operating system can also be obtained from alternative sources due to the distributed mirroring system.
Background
Ubuntu is one of the most widely used Linux distributions, powering millions of servers, desktops, and cloud instances. Canonical's services—particularly the Snap Store and Launchpad—are central to the Ubuntu ecosystem, enabling software distribution and collaborative development.
This is not the first time Canonical has faced a significant attack. In 2019, the company suffered a data breach affecting the Ubuntu forums. However, the current attack is notable for its sustained nature and cross-border origin, suggesting a well-coordinated effort.
What This Means
For existing users, the practical impact is minimal: package updates via apt continue to work due to the resilient mirror system. However, new users attempting to download Ubuntu or access official support pages may experience delays. Developers relying on Launchpad for project management or the Snap Store for application distribution will face interruptions until services are restored.
The incident highlights the vulnerability of centralized infrastructure even in open-source ecosystems. While Canonical's use of mirrored repositories provides a buffer, the attack disrupts critical user-facing services. 'Organizations must plan for redundancy at all layers, not just data,' said Dr. Elena Voss, a cybersecurity analyst at Securify Inc. 'This attack shows that even major projects can be successfully targeted.'
Canonical has not yet disclosed the attack vector or any compensating controls. Users are advised to monitor official communication channels for updates and to temporarily use alternative mirrors if they encounter issues.